Summary: | 碩士 === 國防大學國防管理學院 === 國防資訊研究所 === 97 === The information application environment nowadays is in the integration phase, the information security policy will be hard to regulate the authentication and access control techniques within software and causes information security weakness if the Single Sign-On cannot integrate with the current application systems.
There are plenty of SSO products on the market, but there is no standard technology and mechanism and it needs specific tool and technique to integrate with application systems, therefore it is not easy to do the integration.
SOA (Services Oriented Architecture) is one of the best practice due to the mature Web Service technology and the supportability of various software tools. This research will take these advantages to build a model that integrates Role-Based Access Control (RBAC) ontology and web services. With this model, we provide a SSO fundamental service and architecture in order to integrate all kinds of software platform with SSO.
This Research proposed an Ontology of RBAC integrated with web service architecture and an inference engine that detect role conflict for SSO, in order to integrate the different platform’s system safety mechanism.
|